SUMMARY: user/group named

From: Mike's List <mikelist_at_sky.net>
Date: Mon Jun 17 2002 - 13:48:30 EDT
ALL replied with, it's a good idea to create a user/group named and runs
BIND in a chroot environment --more secure in case BIND needs patching,
but you haven't got a chance to.  Also, if/when BIND is compromise,
user/group named gives another layer of security to protect root's access.

So it's not just a matter of preference but good security practice.
Thanks to all that replied.


- Mike


On Fri, 14 Jun 2002, Mike's List wrote:

> I'm about to bring a DNS system online and wanted to get some feedback.
> 
> -- Most Solaris system I've seen, named just runs/owns by root.
> -- Most Linux (ie. Redhat) I've seen, named runs/owns by named
>    (user and group) --only /var/named and everything below owns
>    by named (user and group).
> 
> My question is, does it matter if named is own by root or named? I can see
> why Redhat/Linux is set so there's a user named and group named for another
> layer of security, but how big of a deal if named is run/own by root? or is
> this just "matter of preference"?
> 
> Thanks.
> 
> 
> - Mike
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Mon Jun 17 13:56:36 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:46 EST